DATABASE SECURITY

DEFINITION OF DATA SECURITY

Data security is the practice of keeping data protected from corruption and unauthorized access. The focus behind data security is to ensure privacy while protecting personal or corporate data.

 

It is a means of putting in place the different form of information security controls to protect database against compromise of their confidentiality, integrity and availability.

 

RISK ASSESSMENT

This will enable you to identify the risks you are faced with and what could happen if valuable data is lost through theft, malware infection or a system crash.

 

SECURING DATA

Since data can be compromised in many ways, the best security against misuse or theft involves a combination of technical measures, physical security and a well-educated staff. You should implement clearly defined polices into your infrastructure and effectively present them to the staff.

 

TYPES OF SECURITY CONTROL ON THE DATA

  1. Access Control

Is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.

 

  1. Auditing

Database auditing involves observing a database so as to be aware of the actions of database users. Database administrators and consultants often set up auditing for security purposes, for example, to ensure that those without the permission to access information do not access it.

 

  1. Authentication

Is the validation control that allows you to log into a system, email or blog account etc.  Once logged in, you have various privileges until logging out. Some systems will cancel a session if your machine has been idle for a certain amount of time, requiring that you prove authentication once again to re-enter.You can log in using multiple factors such as a password, a smart card or even a fingerprint.

 

  1. Encryption

This security mechanism uses mathematical scheme and algorithms to scramble data into unreadable text. It can only be decoded or decrypted by the party that possesses the associated key.

 

  1. Back Up

This is the process of making copy and archiving of computer data in the event of data losswhich is used to restore the original data.

 

  1. Password

This is sequence of secret characters used   to enable access to afile, program, computer system and other resources.

 

EVALUATION

  1. Explain data security.
  2. Explain types of security control on data that you know

 

IMPORTANCE OF DATA SECURITY

Data security is critical for most business and even home computer users. Client information, payment information, personal files, bank account details- all this information can be hard to replace and potentially dangerous if it falls into the wrong hands. Data lost due to disaster such as a flood of fire is crushing, but losing it to hackers or a malware infection can have much greater consequences.

 

MAJOR THREATS TO DATA SECURITY

  1. Accident can happen due to human error or software/ hardware error.
  2. Hackers could steal vital information and fraud can easily be perpetrated.
  3. Loss of data integrity.
  4. Improper data access to personal or confidential data.
  5. Loss of data availability through sabotage , a virus , or a worm.

 

INTEGRITY CONTROLS

BACKUPS

Is the process of copying and archiving of computer data so it may be used to restore the original after a data loss event.

 

Backupshave two distinct purposes. The primary purpose is to recover data after its loss, be it by data deletion or corruption. The secondary purpose of backups is to recover data from an earlier time, according to a user-defined data retention policy, typically configured within a backup application for how long copies of data are required. Backup is just one of the disaster recovery plans.

 

APPLICATION SECURITY

Application security is the use of software, hardware and procedural methods to protect application from external threats.

 

THE ROLE OF DATABASE ADMINISTRATOR IN DATA SECURITY

A database administrator (DB) is a person responsible for the installation, configuration, upgrade, administration, monitoring and maintenance of databases in an organization. The role includes the development and design of database strategies, system monitoring and improving database performance and capacity, and planning for future expansion requirements. They may also plan, co-ordinate an implement security measures to safeguard the database.

 

A database administrator’s responsibilities can include the following tasks:

  1. Installing and upgrading the database server and application tools.
  2. Allocating system storage and planning future storage requirements for the database system
  3. Modifying the database structure, as necessary, from information given by application developers.
  4. Enrolling users and maintaining system security.
  5. Ensuring compliance with database vendor license agreement.
  6. Controlling and monitoring user access to the database.
  7. Monitoring and optimizing the performance of the database.
  8. Planning for backup and recovery of database information.
  9. Maintaining archive data.
  10. Backing and restoring databases.
  11. Contacting database vendor for technical support.
  12. Generating various reports by querying database as per need.

GENERAL EVALUATION

  1. Define the roles of a database administrator in data security
  2. Define backup and list its importance in data security

 

WEEKEND ASSIGNMENT

  1. …………….is the practice of keeping data protected from corruption and unauthorized access. (a) Data measurement (b) Data security  (c) Data protection (d) Data control
  2. Which of these is not a type of security control ……?(a) access control (b) auditing (c) encryption(d) storage
  3. .………….. security mechanism uses mathematical schemes and algorithm to scramble data into unreadable text. (a) Encryption (b) Auditing (c) Authentication (d) Auditing
  4. .…………. is the process of copying and archiving data so it may be used to restore original after a data loss (a) Backup (b) Restore (c) Control (d) Saving
  5. …..……… is the computer professional responsible for the configuration, administration and maintenance of a database (a) Programmer (b) System administrator (c) Database administrator (d) System analyst

 

THEORY

  1. Explain two types of data security control.
  2. Mention five (5) duties of a database administrator.

 

See also

MAINTENANCE OF COMPUTER

MAINTENANCE OF COMPUTER HARDWARE

DENSE VERSUS SPARSE INDEXES

INDEXES

SS 3 Data Processing Revision

Leave a Comment

Your email address will not be published. Required fields are marked *